I'm deploying a Node.js application through Codeship using the CodeDeploy AWS deployment system.
I am making use of the appspec.yml file to set the owner and permissions of one of the deployed directory.
I want to allow read/write for any files that will be created in a specified folder of the deployment. Files will be created by the web application once it starts running.
Currently my appspec.yml contains the following:
- source: /
- object: /var/www/APPLICATION_NAME/tmpfiles
If you have Access Control Lists (ACLs) enabled on your filesystem, you can use default ACLs on your directory to allow read/write permissions for owner/group/others on newly created files in that directory.
AWS CodeDeploy lets you specify ACLs for your files in appspec.yml. It can take any valid ACL entries that can be passed to setfacl 
For e.g, in your case to set read, write and execute permission for everyone on all newly created files you can do something like
version: 0.0 os: linux files: - source: / destination: /var/www/APPLICATION_NAME permissions: - object: /var/www/APPLICATION_NAME/tmpfiles mode: 644 acls: - "d:u::rwx" - "d:g::rwx" - "d:o::rwx" owner: ec2-user type: - directory
The permissions can be restricted by the application that creates the new files. You can also set default ACL mask to set mask bits to force certain permissions. For e.g, "d:m::rw" would mask the execute permission. You can explore more about ACL and masking here http://www.vanemery.com/Linux/ACL/POSIX_ACL_on_Linux.html